CVE-2026-2569

The Dear Flipbook – PDF Flipbook, 3D Flipbook, PDF embed, PDF viewer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via PDF page labels in all versions up to, and including, 2.4.20 due to insufficient input sanitization and output escaping. This makes it possible for...

CVE-2026-2569

The Dear Flipbook – PDF Flipbook, 3D Flipbook, PDF embed, PDF viewer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via PDF page labels in all versions up to, and including, 2.4.20 due to insufficient input sanitization and output escaping. This makes it possible for...

CVE-2026-2569

The Dear Flipbook – PDF Flipbook, 3D Flipbook, PDF embed, PDF viewer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via PDF page labels in all versions up to, and including, 2.4.20 due to insufficient input sanitization and output escaping. This makes it possible for...

EUVD-2019-3895

Malware in sbrugna...

CVE-2025-30956

Cross-Site Request Forgery CSRF vulnerability in Booqable Rental Software Booqable Rental booqable-rental-reservations allows Cross Site Request Forgery.This issue affects Booqable Rental: from n/a through = 2.4.25...

CVE-2025-30956

Cross-Site Request Forgery CSRF vulnerability in Booqable Rental Software Booqable Rental booqable-rental-reservations allows Cross Site Request Forgery.This issue affects Booqable Rental: from n/a through = 2.4.25...

CVE-2025-30956

CVE-2025-30956 is a CSRF vulnerability in the Booqable Rental Plugin for WordPress (affected: up to 2.4.20). According to the cited metrics, the issue allows Cross-Site Request Forgery with no privileges required, but requires user interaction, and has low integrity impact (I:L) with no confident...

PT-2025-24177 · Unknown · Booqable Rental

Name of the Vulnerable Software and Affected Versions: Booqable Rental versions through 2.4.20 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability, which allows an attacker to perform unauthorized actions on a user's account. This can be achieved by tricking the user into...

WordPress plugin Booqable Rental 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin ... A cross-site...

Design/Logic Flaw

Percona XtraBackup 2.4.20 unintentionally writes the command line to any resulting backup file output. This may include sensitive arguments passed at run time. In addition, when --history is passed at run time, this command line is also written to the PERCONASCHEMA.xtrabackuphistory table. NOTE:...

Apache Httpd < 2.4.44 : Push Diary Crash on Specifically Crafted HTTP/2 Header

In Apache HTTP Server versions 2.4.20 to 2.4.43, when trace/debug was enabled for the HTTP/2 module and on certain traffic edge patterns, logging statements were made on the wrong connection, causing concurrent use of memory pools. Configuring the LogLevel of modhttp2 above "info" will mitigate...

WordPress Ad Inserter Plugin < 2.4.20 Directory Traversal Vulnerability

The WordPress plugin SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.113519";...

PT-2019-14052 · WordPress · Ad Inserter

Name of the Vulnerable Software and Affected Versions: ad-inserter plugin versions prior to 2.4.20 Description: The issue allows for path traversal. Recommendations: For versions prior to 2.4.20, update to version 2.4.20 or later to resolve the issue...

Apache 2.4.18 / 2.4.20 X.509 Certificate Authentication Bypass

According to its banner, the version of Apache running on the remote host is either 2.4.18 or 2.4.20. Additionally, HTTP/2 is enabled over TLS or SSL. It is, therefore, affected by the an authentication bypass vulnerability in the experimental module for the HTTP/2 protocol due to a failure to...

Apache HTTP Server Denial of Service Vulnerability (Jul 2016)

Apache HTTP Server is prone to a denial of service vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Open-Xchange: Outdated Apache Server in www.dovecot.fi is vulnerable to various attack.

Apache HTTP Server NULL Pointer Dereference Vulnerability CVE 2014-3581. Apache HTTP Server 2.4.10 and earlier is prone to a vulnerability, which can be exploited to cause a DoS Denial of Service. The vulnerability exists because the application contains flaw in the cachemergeheadersout function...